src/auth/passdb-passwd-file.c

	passdb-passwd-file.c revision 63c6eefc07085070733e702208101662bc5ccb45
2454dfa32c93c20a8522c6ed42fe057baaac9f9aStephan Bosch/* Copyright (C) 2002-2003 Timo Sirainen */
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen#include "config.h"
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen#undef HAVE_CONFIG_H
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen#ifdef PASSDB_PASSWD_FILE
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen
6246b93fb37890dcb2f4df9896438f3f376ab284Timo Sirainen#include "common.h"
1964dbea138cb4a213b1bce1eeee68992b18829aTimo Sirainen#include "passdb.h"
0536ccb51d41e3078c3a9fa33e509fb4b2420f95Timo Sirainen#include "password-scheme.h"
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen#include "db-passwd-file.h"
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen
bdd36cfdba3ff66d25570a9ff568d69e1eb543cfTimo Sirainenstruct passwd_file *passdb_pwf = NULL;
70afae43cc78ea6ecca83f6c587072c442a15ec1Timo Sirainen
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainenstatic void
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainenpasswd_file_verify_plain(struct auth_request *request, const char *password,
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen             verify_plain_callback_t *callback)
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen{
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen    struct passwd_user *pu;
660b4d36110c44b1e4b4b45a78c22d1569ccdb54Timo Sirainen    const char *scheme, *crypted_pass;
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen    int ret;
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen
283ccfe110ed62e48f36e0d84e47da8cae5106beTimo Sirainen    pu = db_passwd_file_lookup(passdb_pwf, request->user);
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen    if (pu == NULL) {
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen        callback(PASSDB_RESULT_USER_UNKNOWN, request);
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen        return;
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen    }
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen    crypted_pass = pu->password;
6ef7e31619edfaa17ed044b45861d106a86191efTimo Sirainen    scheme = password_get_scheme(&crypted_pass);
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen    if (scheme == NULL) scheme = "CRYPT";
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen    ret = password_verify(password, crypted_pass, scheme,
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen                  request->user);
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen    if (ret > 0)
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen        callback(PASSDB_RESULT_OK, request);
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen    else {
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen        if (ret < 0) {
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen            i_error("passwd-file(%s): Unknown password scheme %s",
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen                pu->user_realm, scheme);
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen        } else if (verbose) {
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen            i_info("passwd-file(%s): %s password mismatch",
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen                   pu->user_realm, scheme);
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen        }
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen        callback(PASSDB_RESULT_PASSWORD_MISMATCH, request);
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen    }
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen}
8d6a6eccd3f2e34df967b90bb45e20755241bdbbTimo Sirainen
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainenstatic void
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainenpasswd_file_lookup_credentials(struct auth_request *request,
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen                   enum passdb_credentials credentials,
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen                   lookup_credentials_callback_t *callback)
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen{
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen    struct passwd_user *pu;
306f6bb8791755257c0db900f17659402c660057Timo Sirainen    const char *crypted_pass, *scheme;
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen    pu = db_passwd_file_lookup(passdb_pwf, request->user);
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen    if (pu == NULL) {
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen        callback(NULL, request);
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen        return;
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen    }
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen    crypted_pass = pu->password;
0abbd167fe12a6b0aba98d38552f023a5fa8ffa7Timo Sirainen    scheme = password_get_scheme(&crypted_pass);
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen    passdb_handle_credentials(credentials, request->user, crypted_pass,
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen                  scheme, callback, request);
1964dbea138cb4a213b1bce1eeee68992b18829aTimo Sirainen}
1964dbea138cb4a213b1bce1eeee68992b18829aTimo Sirainen
1964dbea138cb4a213b1bce1eeee68992b18829aTimo Sirainenstatic void passwd_file_init(const char *args)
1964dbea138cb4a213b1bce1eeee68992b18829aTimo Sirainen{
1964dbea138cb4a213b1bce1eeee68992b18829aTimo Sirainen    if (userdb_pwf != NULL && strcmp(userdb_pwf->path, args) == 0) {
1964dbea138cb4a213b1bce1eeee68992b18829aTimo Sirainen        passdb_pwf = userdb_pwf;
1388b590dbd85245b591346f860bc1319953318aTimo Sirainen                passdb_pwf->refcount++;
1964dbea138cb4a213b1bce1eeee68992b18829aTimo Sirainen    } else {
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen        passdb_pwf = db_passwd_file_parse(args, FALSE);
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen    }
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen}
1964dbea138cb4a213b1bce1eeee68992b18829aTimo Sirainen
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainenstatic void passwd_file_deinit(void)
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen{
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen    db_passwd_file_unref(passdb_pwf);
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen}
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainenstruct passdb_module passdb_passwd_file = {
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen    passwd_file_init,
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen    passwd_file_deinit,
f6845101f2d6b8068e352a0b5a0d4bb04e20ad74Timo Sirainen
dfa23b2ddc43f323112225facf7cd7191e62e02cAki Tuomi    passwd_file_verify_plain,
dfa23b2ddc43f323112225facf7cd7191e62e02cAki Tuomi    passwd_file_lookup_credentials
f6845101f2d6b8068e352a0b5a0d4bb04e20ad74Timo Sirainen};
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen
9d7451b57769988f7e3e41cd8790e65429ffc5c7Timo Sirainen#endif
dcc76bb1e1bb287e3e71e6a39a7ca207fab0eaa8Timo Sirainen